trojan

Apple's Flashback Trojan was a major concern for Mac OS X users. But it might have also been a huge revenue opportunity for its creators.

According to security firm Symantec, which has been analyzing Flashback, the Trojan known as OSX.Flashback.K included a significant ad-clicking component that the company says, was designed to help the creators generate revenue.

"Flashback specifically targets search queries made on Google and, depending on the search query, may redirect users to another page of the attacker's choosing, where they receive revenue from the click," Symantec wrote in a blog post. &… Read more

UPDATE: New developments suggest the malware threat may not be as contained as previously thought.

The Flashback threat for OS X has been one of the biggest malware attacks on the platform to date, with an estimated 1 percent, or around 600,000 Mac systems, being affected at the peak of the malware's activity on April 9, 2012. Further analysis of the threat by security firm Kindsight has suggested that up to 1 in every 15 households with Macs in the U.S. may have been affected by this malware.

Since the initial reports of the Flashback findings, a … Read more

There's some good news and some bad news in Mac malware land: the number of machines estimated to be infected has dropped, but that number hasn't gone down as fast as experts expected.

In a blog post today, software maker and security firm Symantec lowered its estimate of machines that still have the malware to 140,000, which is down considerably from estimates of more than 600,000 less than two weeks ago. Even so, the firm said it was expecting a lower tally.

"The statistics from our sinkhole are showing declining numbers on a daily basis. … Read more

Recently the Mac platform has been hit with a few malware attacks, the most notable being the Flashback malware. The same vulnerabilities that this and others have used are now cropping up in other malware as well. These include yesterday's news of the SabPab malware and its MacKontrol variant, and also the Olyx malware that is a variant of the Tibet malware we previously discussed.

Some of these attacks are targeted for specific groups in China or Tibet, but others like Flashback are more widespread and have targeted as many Mac systems as possible, by exploiting vulnerabilities in the … Read more

Recently the Flashback malware attacks on OS X gained headlines, not because of the presence of the Trojan, which had been around for some months prior to the increase in attention, but rather because it gained the possibility of installation in a drive-by-download attack that did not require any interaction from the user in order to install.

This development was made possible because of a vulnerability in Java that allowed for a maliciously crafted applet to break the Java sandbox and write files to the disk. Apple has since patched this issue and it, along with other companies, have released … Read more

Here we go again.

Kaspersky Lab security researcher Costin Raiu has discovered another Mac OS X Trojan. Dubbed Backdoor.OSX.SabPub.a (or just SabPub, for short), the malware uses Java exploits to infect a Mac, connect to a remote Web site, and wait for instructions that include taking screenshots of the user's Mac and executing commands.

"The Java exploits appear to be pretty standard, however, (and) they have been obfuscated using ZelixKlassMaster, a flexible and quite powerful Java obfuscator," Raiu wrote on the Securelist blog. "This was obviously done in order to avoid detection from … Read more

Japanese users of Google's online clearing house of downloadable entertainment for Android devices are being targeted with a Trojan horse that displays requested videos but nicks personal information in the process.

Antivirus company McAfee posted a blog item this afternoon about the Trojan, which was found lurking in the Google Play marketplace.

The post says applications carrying the Trojan promise, and in some cases deliver, trailers for upcoming video games or anime or adult-oriented clips, but they also request "read contact data" and "read phone state and identity" permissions before being downloaded.

Those permissions give … Read more

The Flashback Trojan that found its way onto more than 600,000 Macs isn't the first bit of malicious code that has hit an Apple computer, but it sure has the casual Mac user thinking twice. It's the most significant malware in recent memory that dents the otherwise unrealistic reputation that Macs are somehow invulnerable to viruses.

The truth is, there are more PC/Windows viruses because there are more Windows machines. The more popular Macs get, the more OS X-based viruses will surface.… Read more

Feeling a bit skittish about using a mostly-hidden Mac OS X utility and running lines of code to see if your Mac is one of the 650,000-some infected with the Flashback malware? There's a new tool that's much simpler.

Dr. Web, the same Russian security firm that's been tracking the scope and scale of the Flashback malware's spread worldwide, now has a free, Web-based utility that will tell you if your machine has been compromised, and is -- in fact -- plugged into the botnet network.

In order to do this, it cross-checks your Mac'… Read more